Electrosmog and Wireless Hacking blog.

That’s right folks. Software radio just became mainstream. Up until last summer you paid £1000+ for a USRP, then came along the £120 Funcube dongle. Now you can learn all about SDR for £20.

You can now use a £20 USB DVB-TV Stick to receive any frequency from 64-1700MHz at a high bandwidth sample rate of 2.8MS/s. Required chipset is RTL2832U & Elonics E4000 tuner combo. Known good units are EzCapTV 668 & 666 units, along with a host of similar boards.

Three brand new innovative products, all coming out around the same time. All in limited supply, and all completely brilliant!

Ubertooth – Bluetooth sniffing for under £100.

Until now sniffing and injecting packets into Bluetooth communication hasn’t been possible for the man in the street.

The Ubertooth USB dongle will change this for under £100.

The USB adapter just grabs a chunk of 2.4GHz spectrum and your PC processes it. Makes passive detection of Bluetooth devices possible without shelling out £1000 for a USRP. It will be possible to predict Bluetooth hopping pattern. It will also be possible to do man-in-the-middle attacks using two Ubertooths.

Another USB dongle featuring three SMD chips to perform a custom task. This dongle is very different from the Ubertooth, but in some ways more amazing.

It can grab up to a 80KHz chunk of radio spectrum from anywhere between 64MHz and 1700MHz (although there is a dead spot between 1100MHz and 1270MHz). It will basically do most things your fancy-pants £1000+ standalone radio scanner will do, for just £100. Basically good for speech & data, but not really video. Works with Windows. Mac OSX & Linux. Appears to PC as a USB audio device & a HID device. Plenty of open source software available to drive it. Interestingly the FUNcube Pro is mentioned on the Osmocom Tetra page.

The only downside is that each batch the designer has made are currently selling out in 2 minutes, when he releases them. Find out more at FUNcube Dongle

A really simple way to attach almost any electronic component to your Android Smartphone or Tablet. Thousands of uses will be found. Things will be invented!

This board consists of a USB to Everything adapter & a library of script & device drivers (a bit like an Arduino sketch but in Java). All the computing power & sensors in your Android smartphone available to motors, LEDs, weather stations, robots, PIRs, analog sensors, digital sensors. Just imagine the possibilities. Runs on Android 1.5 & up, so even all those sub-£50 used Android phones will work with it.

I was just looking at the Slashdot website and started reading a piece on Networkworld.com about Richard Stallman’s views on various topics.

Stallman (the open-source software movement is basically his idea) says he won’t own a mobile phone as they’re glorified tracking devices, which can also be used to eavesdrop on you remotely. This of course is all perfectly true, and if you’re of interest to the NSA or UK security services that might bother you (I’m thinking of Julian Assange or anyone who ever stood in a 5 meter perimeter of him). But if the only insight someone might gain into your personal life is that you’re using Sainsburys rather than Tescos for your shop this week, then who really cares?

I only use my Android smartphone for internet access, I don’t make any calls or send any texts. Stallman states that unless you remove the battery ( he actually says all batteries!) you don’t know what your phone is doing. Well I know what my phone is doing… I own an Electrosmog Detector (now sold out but available on eBay and other sites), which turns RF transmissions into audible noise – I’ve also got a couple of spare 9v rechargeable batteries, so I can leave it on whenever I want – and if my phone is transmitting I can hear it.

If you own an Electrosmog Detector & you’re remotely bothered about being monitored, you could just make fart noises every time the phone transmits when you aren’t talking on it! This is much more fun than being paranoid about what it is or maybe isn’t doing. Of course a smart phone with Facebook & Gmail installed will be transmitting regularly, so turn off all those auto-sync services if you want to know when it shouldn’t be transmitting.

If you don’t want to be tracked, then just leave your phone at home half the time, or swop with a big group of friends if you’re a member of any kind of protest group, or just don’t use one. Remember that swoping Sim cards isn’t enough, your mobile also contains a unique IMEI number, and either of those will let you be tracked. You need a new PAYG phone & sim to vanish. (and as soon as you use it to contact an old target you’ll re-appear again).

If you use the internet look into using Tor, or signing up for a secure VPN.

And another thing… I own several laptops & an iMac. I was looking at them recently and must have pre-empted Richard Stallman’s views. I took a big blob of blu-tak and stuck it over each built-in webcam & mic… Well you never know who might have been listening or watching, and they bloody well aren’t now! And one final thing, assume everything you do and look at on the internet is monitored, because it is…

Interesting article in New Scientist this week. Karsten Nohl has assessed various manufacturers keyfob immobilisers and concluded that most of the older 40 & 48 bit AES systems are now hackable. Last year he took 6 hours to discover the algorithm used to create the encryption key in a Hitag 2 system. Armed with that algorithm he could in theory unlock any car using NXP Semiconductors Hitag 2 system – according to New Scientist.

Security professionals now believe a move to 128 bit immobilisers is the way forward. Both Texas Instruments & NXP now offer 128 bit AES systems – which would take so long to crack that it’s not worth even trying. Apparently, the car manufacturers don’t see the urgency to switch. They point out that any car can still be removed by a thief using a flat-bed truck & a GPS/GSM radio jammer.

We’ve written previously about crimes here in the UK, involving the theft of laptops & phone from cars by thieves using jammers to stop the owners locking their car doors using the immobiliser keyfobs. Now, in theory at least, they can take your car too.

There was an interesting feature this week on BBC’s Watchdog programme about mobile phone text message spoofing. Two American researchers demonstrated how they are able to send fake MMS/Text messages that look like they’ve come from your bank to a smartphone.

This is a variation on phishing emails, but now on mobiles. All mobile network operators responded by saying that they weren’t aware of any real world use of this exploit that had so far left a single customer out of pocket – and they’re quite probably right. This seems like an awful lot of effort to go to if you want to get your hands on someones bank details & security passphrases.

I detailed on this site about 16 months ago that Dect cordless phones were now completely insecure. Anyone with a laptop, PCMCIA Com-On-Air Dect card & a decent antenna can record all you household phone calls from anywhere within a 200 metre radius of your home. Lots of older people now do home banking by telephone and over a series of calls you’ll be handing over full pins & security details. Even if you don’t give them to the bank you’ll be reusing them when you’re confirming your identity to insurance, utility & credit card providers – maybe you use that same 4 digit pin code for your home alarm & cashcard. Maybe you’re just paying for stuff with your credit card over the phone. If you live in a block of flats where tenants come and go every 6 months you’d be an easy target.

Ten years ago criminals could use an analogue radio scanner to record all the traffic on the old fashioned cordless home phones, perhaps to a computer for later analysis. They could use a DTFM decoder to figure out which number you’d called, and build up a profile that would leave them knowing you better than your best friend. Well now with the supposedly secure Dect phones they can take this further. Because each Dect phone has its own unique identifier – like the MAC address in your PC or the OUI number in a Bluetooth chip – it’s easy to zone out all the people you don’t want to listen to. Okay, only about half the Dect phones in use are insecure, but which half are you in? It’s not very reassuring is it? We’re nearly all using these Dect cordless phones at home these days.

Anyway, I saw not one article 16 months ago in the UK press or on TV about the Dect threat (although lots appeared in the German media), but now we need to worry about spoof texts. Go figure. If you really care about your health and security use a wired home phone.

As regards unusual text messages from your bank, apply some common sense – if it looks wrong, it’s because it is wrong. Wait until you get home and log onto your account there. Don’t ring numbers or use web links in these messages. Open a new browser window & check your balance from your 3G phone that way.

Pop into the bank and ask them about the real state of your account. If money diasappears from your account by a fraud that’s not your fault they’ll be giving you that money back anyway.

Smartphones are like mini PCs and they can get infected with malware and other nastiness, just like your home PC (for instance it’s now quite common for untrusting partners to secretly install tracking software on their partners smartphones to keep tabs on your whereabouts with GPS accuracy).

Ryanair recently announced that they are fitting 14 of their 166 aircraft with mini cellphone masts.

The technology comes from On Air and tells each mobile to transmit at minimum power, to minimise any possible interference with the quite important in-flight electronics! Up to six passengers at a time will be able to use the system – any more presumably cause too much interference?

When the service starts only O2 & 3 networks will be compatible and the cost of calling will be a whopping £2 per minute or 40p for a text!

Taken from an article by Lisa Adams of the Scottish Daily Record about Electrosensitivity – published 08/09/2008 :

IT’S called an allergy to modern life and half of Scots in the next 10 years could be at risk from this crippling illness, according to scientific research.

Victims of the condition, which is triggered by electromagnetic waves from mobile phones, power lines, microwaves and computers, suffer headaches, crushing chest pains, nose bleeds and a loss of feeling in arms and legs.

Experts report that up to 1.5million people in the UK already have their lives blighted by electro-sensitivity, with symptoms that also include heart palpitations, tiredness, fainting, light sensitivity and skin problems.

Mike Bell, chairman of the Radiation Research Trust, said: “We are seeing a significant increase in enquiries from individuals suffering from these symptoms.

“We’re concerned that many people could be living with health-related electro-sensitivity symptoms without realising the cause.

“Doctors in the UK are not trained to recognise this condition. They could be misdiagnosing patients and treating them with drugs rather than investigating the cause.”

One victim has compared the condition with life as a human aerial – their body overreacting to electrical waves in the environment. Today, as a scientific conference opens in London, public health expert Dr Gerd Oberfeld will predict that if current trends continue, up to 50 per cent of people could suffer from electro sensitivity symptoms in the next 10 years.

The World Health Organisation is also backing research, stating that: “Electrical hypersensitivity is a real and sometimes disabling condition.”

Sufferers are particularly vulnerable to the £2.5billion police communication system Tetra – Terrestrial Trunked Radio – which has been introduced throughout the UK. In the past three years, more than 1000 masts have been erected in Scotland. They pulse at 17.6hertz – above the 16Hz frequency the Government’s Independent Expert Group on Mobile Phones warns might affect brain activity.

Experts say radio waves at this frequency can cause calcium to leak from the brain, causing damage to the nervous and immune systems. If the masts are less than 15 metres high, they don’t need planning permission.